<?php
    require 'common.php';
    
    $db = new Database();
    $user = getUser($db);
    
    if($user['group'] < 2) {
        redirect('login.php');
        exit();
    }
    
    $page = new HtmlPage();
    $page->writeHeader(lang('BLOCKS_PAGENAME'));
    $page->writeTitle();
    $page->writeMenu('BLOCKS', $user);
    $page->write('<div class="content">', PUSH_TAB);
    
    $page->write('<h2>'.lang('CREATE_BLOCK').'</h2>');
    $page->write('<form action="doaddblock.php" method="post">', PUSH_TAB);
    $page->write(getCsrfGuard());
    $page->write('<fieldset>', PUSH_TAB);
    $page->write('<legend>'.lang('CREATE_BLOCK').'</legend>');
    $page->write('<div class="formentry"><label><span>'.lang('BLOCK_NAME').' :</span><input type="text" name="name" /></label></div>');
    $page->write('</fieldset>', POP_TAB);
    $page->write('<input type="submit" value="'.lang('CREATE_BLOCK').'" />');
    $page->write('</form>', POP_TAB);
    
    $page->write('<h2>'.lang('BLOCK_LIST').'</h2>');
    $result = $db->query('SELECT id, name FROM '.config('DB_PREFIX').'blocks');
    $page->write('<table>', PUSH_TAB);
    $page->write('<tr>', PUSH_TAB);
    $page->write('<th>'.lang('BLOCK_NAME').'</th>');
    $page->write('<th>'.lang('ACTIONS').'</th>');
    $page->write('</tr>', POP_TAB);
    $i = -1;
    while($row = mysqli_fetch_assoc($result)) {
        $i++;
        if($i % 2 == 0)
            $page->write('<tr class="even">', PUSH_TAB);
        else
            $page->write('<tr class="odd">', PUSH_TAB);
        $page->write('<td>'.htmlEscape($row['name']).'</td>');
        $page->write('<td>', PUSH_TAB);
        $page->write('<form action="editblock.php" method="get">', PUSH_TAB);
        $page->write('<input type="hidden" name="id" value="'.$row['id'].'" />');
        $page->write('<input type="submit" value="'.lang('EDIT').'" />');
        $page->write('</form>', POP_TAB);
        $page->write('<form action="dodelblock.php" method="post">', PUSH_TAB);
        $page->write(getCsrfGuard());
        $page->write('<input type="hidden" name="id" value="'.$row['id'].'" />');
        $page->write('<input type="submit" value="'.lang('DEL').'" />');
        $page->write('</form>', POP_TAB);
        $page->write('</td>', POP_TAB);
        $page->write('</tr>', POP_TAB);
    }
    $page->write('</table>', POP_TAB);
    
    $page->write('</div>', POP_TAB);
    $page->writeFooter();
?>